diff --git a/core/siren-packages.el b/core/siren-packages.el
index 413b144..f74121a 100644
--- a/core/siren-packages.el
+++ b/core/siren-packages.el
@@ -9,20 +9,17 @@
 (require 'cl)
 (require 'package)
 
-(let* ((no-ssl (and (memq system-type '(windows-nt ms-dos))
-                    (not (gnutls-available-p))))
-       (proto (if no-ssl "http" "https")))
-  (when no-ssl
-    (warn "\
-Your version of Emacs does not support SSL connections,
-which is unsafe because it allows man-in-the-middle attacks.
-There are two things you can do about this warning:
-1. Install an Emacs version that does support SSL and be safe.
-2. Remove this warning from your init file so you won't see it again."))
-  ;; Comment/uncomment these two lines to enable/disable MELPA and MELPA Stable as desired
-  (add-to-list 'package-archives (cons "melpa" (concat proto "://melpa.org/packages/")) t)
-  ;;(add-to-list 'package-archives (cons "melpa-stable" (concat proto "://stable.melpa.org/packages/")) t)
-  )
+;; Work-around bug in Emacs 26.2 preventing GNU ELPA to work over HTTPS.
+(setq gnutls-algorithm-priority "NORMAL:-VERS-TLS1.3")
+
+(setq package-archives
+      '(("gnu"          . "https://elpa.gnu.org/packages/")
+        ("melpa-stable" . "https://stable.melpa.org/packages/")
+        ("melpa"        . "https://melpa.org/packages/"))
+      package-archive-priorities
+      '(("gnu"          . 10)
+        ("melpa-stable" . 5)
+        ("melpa"        . 0)))
 
 ;; set package-user-dir to be relative to config path
 (setq package-user-dir (expand-file-name "elpa" siren-dir))